Skip to content

Key Management Service (KMS)

To encrypt a password using KMS Key and store it in a file called password.enc 

$ echo "MySuperSecretPassword" | base64 -e  | aws kms encrypt --key-id bbbbb934-8da4-4390-acf4-a1b351abcdef  --region eu-central-1 --plaintext fileb:///dev/stdin --output text --query CiphertextBlob > passwd.enc

To decrypt the file encrypted by the the KMS key 

$ base64 -d passwd.enc | aws kms decrypt --ciphertext-blob fileb:///dev/stdin --region eu-central-1 --output text --query Plaintext | base64 -d | base64 -d
MySuperSecretPassword

Encrypt a file using gpg: 

$ echo $PASSWORD | gpg --batch --passphrase-fd 0 --no-tty -c -R -e --cipher-algo AES256 -o OutputFile InputFile

Another Way:
$ gpg --batch --passphrase $PASSWORD --no-tty -c -R -e --cipher-algo AES256 -o OutputFile InputFile
Decrypt a file using gpg: 
$ echo $PASSWORD | gpg --batch -d --no-tty --passphrase-fd 0 -o OutputFile Inputfile

Another way:
gpg --batch -d --no-tty --passphrase $PASSWORD -o OutputFile Inputfile